Help

Deploying a .Plist via JAMF - Unknown Domain Preference.

Jdawgprime
New Contributor II

Posted on ‎05-17-2022 03:44 PM

Good Evening All,

We recently found a need to deploy a .Plist to the Monterey/Library/Launch Agents folder of our 80+ Macs in our company in an effort to ignore the .DSStore files they create while surfing network shares. This way any user who logs into the Mac has the command run to have the device ignore those files in an effort to speed up searching NAS locations.

Utilizing the follow article:
Deploying Custom Configuration Profiles Using Jamf Pro - Technical Articles | Jamf

I was able to create my own Custom Configuration Profile however I am uncertain what to put in for the Domain Preference. One article said com.jamf.compliancereporter but that wasnt working for us and returning "The mdm verb is not available on this version of MacOS." in the Monterey/private/var/log/jamf.log and I came up short looking that error up.

Any assistance that anyone has would be helpful and appreciated. I am going to post the .Plist text below that I am trying to utilize. I have tested that already and it works correctly I just dont want to deploy it manually on 80+ machines. XD

Thanks

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
               <key>EnvironmentVariables</key>
               <dict>
                                <key>PATH</key>
                                <string>/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/sbin</string>
               </dict>
               <key>Label</key>
               <string>DS Store</string>
               <key>ProgramArguments</key>
               <array>
                                <string>/usr/bin/defaults</string>
                                <string>write</string>
                                <string>com.apple.desktopservices</string>
                                <string>DSDontWriteNetworkStores</string>
                                <string>-bool</string>
                                <string>TRUE</string>
               </array>
               <key>RunAtLoad</key>
               <true/>
</dict>
</plist>

 

0 Kudos
8 REPLIES 8

mainelysteve
Valued Contributor II

‎05-18-2022 04:54 AM - edited ‎05-18-2022 11:17 AM

A quick Google search reveals com.apple.desktopservices as your preference domain. A few results on JN as well with this being the most recent one.

See @mm2270 post below. Didn't notice this was a launchd job and not the type of plist you'd need for a custom config profile.

0 Kudos

mm2270
Legendary Contributor III

Posted on ‎05-18-2022 10:01 AM

The plist you've posted is a launchd job (LaunchDaemon or LaunchAgent). If this is what you need to deploy, it would go into a location like /Library/LaunchAgents/ or /Library/LaunchDaemons/, etc. You wouldn't use this as a Custom Configuration Profile, so I guess I'm a little confused about what you're attempting to do.

mainelysteve
Valued Contributor II
In response to mm2270

Posted on ‎05-18-2022 11:22 AM

I've been staring at screens too long today and didn't notice that :/ . 

@Jdawgprime You need deploy the below plist with com.apple.desktopservices as the preference domain.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>DSDontWriteNetworkStores</key>
    <string>true</string>
</dict>
</plist>

Jdawgprime
New Contributor II
In response to mm2270

‎05-20-2022 07:26 AM - edited ‎05-20-2022 07:28 AM

Apologies, I am beyond new at all of this and everything I was reading was saying to deploy a .plist with the Custom Configuration Profile. It is a LaunchAgent and basically just wanted a way with JAMF to put that in the LaunchAgents folder on all of our machines instead of doing them one at a time, I hope that makes more sense.

0 Kudos

mm2270
Legendary Contributor III
In response to Jdawgprime

Posted on ‎05-20-2022 10:51 AM

Hi @Jdawgprime, no need to apologize. We all start somewhere.

Have you tried the suggestion from @mainelysteve above to see if it solves your issue? Because using a profile tends to be the preferred way to affect preference settings. It actually does the exact same thing as the ProgramArguments section of your LaunchAgent plist, except that profiles are more permanent in nature. Technically speaking, something could override the manually applied settings using defaults write as your LaunchAgent is doing, in between log outs/restarts. Whereas with a Configuration Profile it won't get overwritten or overridden.

If you really would prefer to use your LaunchAgent, you could package it in Composer and deploy it as a package. Or you could use a scripted method to "write" the LaunchAgent into place. Like this.

#!/bin/zsh

cat << EOPLIST > /Library/LaunchAgents/com.org.donotwritenetworkstores.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
               <key>EnvironmentVariables</key>
               <dict>
                                <key>PATH</key>
                                <string>/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/sbin</string>
               </dict>
               <key>Label</key>
               <string>DS Store</string>
               <key>ProgramArguments</key>
               <array>
                                <string>/usr/bin/defaults</string>
                                <string>write</string>
                                <string>com.apple.desktopservices</string>
                                <string>DSDontWriteNetworkStores</string>
                                <string>-bool</string>
                                <string>TRUE</string>
               </array>
               <key>RunAtLoad</key>
               <true/>
</dict>
</plist>
EOPLIST

chown root:wheel /Library/LaunchAgents/com.org.donotwritenetworkstores.plist
chmod 644 /Library/LaunchAgents/com.org.donotwritenetworkstores.plist

 

 

Jdawgprime
New Contributor II
In response to mm2270

Posted on ‎05-20-2022 04:05 PM

I did try he suggestion and still got the same error in the jamf.log which was “ the MDM verb not available on this version of MacOS. This is Monterey, so I’m not sure if that another problem , I couldn’t really come up with what that meant from looking it up. That being said I will attempt your two suggestions and see how those fair. I appreciate all the help and suggestions everyone!

0 Kudos

mainelysteve
Valued Contributor II
In response to Jdawgprime

Posted on ‎05-23-2022 07:48 AM

The log file is correct, you can't use the mdm verb in terminal i.e. jamf mdm ---- with 10.12(Monterey). It almost sounds like you have a script or another launch agent calling a script that contains line "jamf mdm ---" If you do then it needs to be pulled as well. It's either that or you are mistakenly issuing that command yourself. 

Is this from a clean, newly enrolled machine or did you user enroll these with your 80+ load of launch agents already on them? I suggest a clean machine without your launch agent load on it and deploy the profile then monitor the jamf.log for any errors and observe if the profile changed the dsstores behavior on network shares.

Jdawgprime
New Contributor II
In response to mainelysteve

Posted on ‎05-25-2022 08:39 AM

Thanks for the reply Mainelysteve, I will try that out and test it. I was attempting to do it on my test machine I have which was enrolled already, I will see what I can figure out. Appreciate all the help

0 Kudos